com.ibm.as400.access
Class ProfileTokenImplNative

java.lang.Object
  com.ibm.as400.access.ProfileTokenImplNative

All Implemented Interfaces:

ProfileTokenImpl

public class ProfileTokenImplNative
extends Object
implements ProfileTokenImpl

The ProfileTokenImplNative class provides an implementation for behavior delegated by a ProfileTokenCredential object.

Field Summary

Modifier and Type	Field and Description

Fields inherited from interface com.ibm.as400.security.auth.ProfileTokenImpl

PW_STR_NOPWD, PW_STR_NOPWDCHK

Constructor and Description

ProfileTokenImplNative()

Method Summary

Modifier and Type	Method and Description
void	destroy() Destroy or clear sensitive information maintained by the credential implementation.
byte[]	generateToken(String uid, int pwdSpecialValue, int type, int timeoutInterval) Generates and returns a new profile token based on the provided information using a password special value.
byte[]	generateToken(String uid, String pwd, int type, int timeoutInterval) Deprecated. As of V5R3, replaced by generateTokenExtended(String,String,int,int) for password strings and generateToken(String,int,int,int) for password special values.
byte[]	generateTokenExtended(String uid, String pwd, int type, int timeoutInterval) Generates and returns a new profile token based on the provided information using a password string.
int	getTimeToExpiration() Returns the number of seconds before the credential is due to expire.
int	getVersion() Returns the version number for the implementation.
boolean	isCurrent() Indicates if the credential is still considered valid for authenticating to associated services or performing related actions.
void	refresh() Updates or extends the validity period for the credential.
byte[]	refresh(int type, int timeoutInterval) Updates or extends the validity period for the credential.
void	setCredential(AS400Credential credential) Sets the credential delegating behavior to the implementation object.
AS400Credential	swap(boolean genRtnCr) Attempts to swap the thread identity based on this credential.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ProfileTokenImplNative

public ProfileTokenImplNative()

Method Detail

destroy

public void destroy()
             throws DestroyFailedException

Destroy or clear sensitive information maintained by the credential implementation.

Subsequent requests may result in a NullPointerException.

This class will also attempt to remove the associated profile token from the system.

Throws:

DestroyFailedException - If errors occur while destroying or clearing credential data.

generateToken

public byte[] generateToken(String uid,
                            String pwd,
                            int type,
                            int timeoutInterval)
                     throws RetrieveFailedException

Deprecated. As of V5R3, replaced by generateTokenExtended(String,String,int,int) for password strings and generateToken(String,int,int,int) for password special values.

Generates and returns a new profile token based on the provided information.

Specified by:

generateToken in interface ProfileTokenImpl

Parameters:

uid - The name of the user profile for which the token is to be generated.

pwd - The user profile password or special value.

type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:

• TYPE_SINGLE_USE
• TYPE_MULTIPLE_USE_NON_RENEWABLE
• TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds to expiration.

Returns:

The token bytes.

Throws:

RetrieveFailedException - If errors occur while generating the token.

generateToken

public byte[] generateToken(String uid,
                            int pwdSpecialValue,
                            int type,
                            int timeoutInterval)
                     throws RetrieveFailedException

Generates and returns a new profile token based on the provided information using a password special value.

Specified by:

generateToken in interface ProfileTokenImpl

Parameters:

uid - The name of the user profile for which the token is to be generated.

pwdSpecialValue - A password special value. Possible types are defined as fields on the ProfileTokenCredential class:

• PW_NOPWD
• PW_NOPWDCHK

type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:

• TYPE_SINGLE_USE
• TYPE_MULTIPLE_USE_NON_RENEWABLE
• TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds to expiration.

Returns:

The token bytes.

Throws:

RetrieveFailedException - If errors occur while generating the token.

generateTokenExtended

public byte[] generateTokenExtended(String uid,
                                    String pwd,
                                    int type,
                                    int timeoutInterval)
                             throws RetrieveFailedException

Generates and returns a new profile token based on the provided information using a password string.

Specified by:

generateTokenExtended in interface ProfileTokenImpl

Parameters:

uid - The name of the user profile for which the token is to be generated.

pwd - The user profile password (encoded). Special values are not supported by this method.

type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:

• TYPE_SINGLE_USE
• TYPE_MULTIPLE_USE_NON_RENEWABLE
• TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds to expiration.

Returns:

The token bytes.

Throws:

RetrieveFailedException - If errors occur while generating the token.

getTimeToExpiration

public int getTimeToExpiration()
                        throws RetrieveFailedException

Returns the number of seconds before the credential is due to expire.

Returns:

The number of seconds before expiration; zero (0) if already expired.

Throws:

RetrieveFailedException - If errors occur while retrieving timeout information.

getVersion

public int getVersion()

Returns the version number for the implementation.

Used to ensure the implementation is valid for specific functions.

Returns:

The version number.

isCurrent

public boolean isCurrent()

Indicates if the credential is still considered valid for authenticating to associated services or performing related actions.

An exception is not thrown on failure to remain consistent with the Refreshable interface (even though some credential classes currently avoid the dependency established by implementing the interface).

Returns:

true if valid; false if not valid or if the operation fails.

refresh

public void refresh()
             throws RefreshFailedException

Updates or extends the validity period for the credential.

Throws:

RefreshFailedException - If errors occur during refresh.

refresh

public byte[] refresh(int type,
                      int timeoutInterval)
               throws RefreshFailedException

Updates or extends the validity period for the credential.

Generates a new profile token based on the previously established token with the given type and timeoutInterval.

This method is provided to handle cases where it is desirable to allow for a more restrictive type of token or a different timeout interval when a new token is generated during the refresh.

Specified by:

refresh in interface ProfileTokenImpl

Parameters:

type - The type of token. Possible types are defined as fields on the ProfileTokenCredential class:

• TYPE_SINGLE_USE
• TYPE_MULTIPLE_USE_NON_RENEWABLE
• TYPE_MULTIPLE_USE_RENEWABLE

timeoutInterval - The number of seconds before expiration.

Returns:

The new token.

Throws:

RefreshFailedException - If errors occur during refresh.

setCredential

public void setCredential(AS400Credential credential)

Sets the credential delegating behavior to the implementation object.

Parameters:

credential - The associated credential.

swap

public AS400Credential swap(boolean genRtnCr)
                     throws SwapFailedException

Attempts to swap the thread identity based on this credential.

Parameters:

genRtnCr - Indicates whether a return credential should be generated, even if supported. When appropriate, not generating a return credential can improve performance and avoid potential problems in creating the credential.

Returns:

A credential capable of swapping back to the original identity; classes not supporting this capability will return null. This value will also be null if genRtnCr is false.

Throws:

SwapFailedException - If errors occur while swapping thread identity.

SecurityException - If the caller does not have permission to modify the OS thread identity.